Posted
by
timothy
on Monday July 11, 2011 @08:45PM
from the give-in-to-hegemony dept.

Evil Al writes "From the ubiquitous Verifone card terminals to the fancy Apple Store terminals, point-of-sale devices are everywhere. But does anyone know of an open terminal (with printer + Wi-Fi), preferably running Linux, that we can use to run a custom application for retail, made by a reputable manufacturer?"

If you intend to process credit card payments through your custom application on the point-of-sale device, you'll likely fall under the purview of the Payment Card Industry's Payment Application Data Security Standard (PCI PA-DSS) [pcisecuritystandards.org], which may require a source code audit and limit what you can have the software do. That may be no problem for you depending on your resources and intended use of your software, but it's worth keeping in mind.

Just because you're PCI compliant, doesn't mean you are until there is a breach and it is shown that you were indeed compliant...i.e., Visa wins. The best bet is to offload that risk to a processor as much as humanly possible.

Also, wifi + credit cards = lame. Really, really lame. Please don't do that...also, ipsec is nice when you can get it. SSL is not the greatest thing since sliced bread.

Seriously, when you business relies on a machine that must work or you are losing money, everyone wants someone to turn to when it doesn't work. That someone isn't a man page or IRC channel or mailing list or whatever support for $foo GPL program here. It's a computer, not a holy war. You press buttons and it does things. When you want a computer you control, you run linux, when you want a computer that grandma can use, you give her a Mac and when you want retail system that checks people out, you run whatever OS that your POS maker asks you to.